This course focuses on the theoretical foundations of methods used to protect data in computer and communication systems. Among the topics covered are the access control matrix and undecidability of security, various policy models, non-interference and non-deducibility, information flow. and the confinement problem.